IT Governance, Risk, and Compliance

Dec 1 2012   12:09AM GMT

Network Infrastructure Security: Intrusion Detection Systems – Part IV



Posted by: Robert Davis
Tags:
Access Controls
Availability Management
Continuous Monitoring
Control Techniques
Distributed Platforms
Exception Reporting Systems
Hackers
Information Assets Protection
IT Security Infrastructure
IT Security Services
Logical Security
Management Information Systems
Risk Management

As suggested in the aforementioned paragraph, depending on the developer, an entity deployed IDS can have a variety of components and features. However, IDS functionality commonly includes sensors for detecting data, analyzers for evaluating data, panels for monitoring activities as well as user-interfaces for manipulating configuration settings. Collected IDS items can be in the form of packets, system audit records, computed hash values as well as other data formats. Procedurally, analyzers receive input from sensors and determine intrusive activity.

The misuse detection model is based on the hypothesis that known exploits of vulnerabilities can be described by attack signatures or patterns, therefore IT attacks can be revealed through identifiable patterns. Malicious misuse encompasses reading, modification, and destruction of data. Misuse detection systems normally compare gathered information to large databases of attack signatures for internal perpetrator identification. There is typically a high-degree of certainty that signature-based intrusion detection models will recognize exact attack pattern replications; however slight variations in a data-based attack pattern may escape discovery.

Source:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Raleigh: Lulu.com, 2010.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: